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© A method of protecting computer software is 
provided by storing a first key in a plug-in hardware 
device, storing an algorithm for processing a purality 
of keys including the first key in software to be 
protected, loading the software containing the al- 
gorithm in the computer and plugging in a hardware 
device in a communications port of the computer. A 
second key, external to the software, to be protected 
which bears a relationship to the first key by the 
algorithm is loaded into the computer where pro- 
cessing takes place of the first and second keys in 
the algorithm for deriving a control key, if present, 
for the continued processing of the software being 
protected. The step of loading the second key is 
performed using a computer keyboard, any 
input/output port, a hard disk file or any other meth- 
od of entry in the computer. Additional keys external 
to the software which bear a relationship to the first 
and second keys configured in the algorithm may be 
provided. 
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BACKGROUND OF THE INVENTION 

This invention relates to the protection of com- 
puter software, and more particularly to a method 
of protecting software using multiple keys which 
are external to the software being protected to 
produce a single control key which will allow the 
protected software to be continued to be processed 
by the computer. 

Hardware-based software protection devices 
are generally sold to end-users who receive a 
distribution diskette containing the desired program 
including a recorded key and a hardware device 
which contains a matching key. In order to operate 
the software, the supplied hardware portion is 
plugged into a specified port of the computer es- 
tablishing a communications path between the 
hardware device and the computer. If the hardware 
device contains the correct key which matches the 
key recorded in the software, then the software is 
allowed to continue. However, the wrong key or the 
absence of such a key prevents the operation of 
the software. 

In U.S. Patent 4,458,315 to Uchenick a first key 
is stored in the program and a second key, phys- 
ically separate from the program, is supplied to the 
customer with each program sold in a hardware 
based register. The first and second keys are com- 
pared to see if they bear a predetermined relation- 
ship to each other, in which case the program is 
authorized. In a first implementation, each secured 
program has the same first key in a hardware 
register and the secured program contains the sec- 
ond key. In a second implementation, different first 
keys are provided for each secured program, but 
the secured program copies supplied to the users 
must incorporate in advance a complete list of all 
second keys which are to be used with the dif- 
ferent first keys. 

Another approach is followed by U.S. Patent 
4,593,353 to Pickholtz in which first and second 
authorization codes are stored in the program and 
are read by the computer before the program is 
allowed to be executed. A hardware module con- 
taining a pseudorandom number generator unique 
to the authorized system receives the first au- 
thorization code as a key. The resultant number 
generated by the number generator which is a 
function of the key and pseudorandom generator 
algorithm is compared with the second authoriza- 
tion code which enables an execution signal to be 
generated in response to a positive comparison to 
enable the stored program to be executed. 

One of the problems with the aforesaid ap- 
proaches resides in the fact that all of the first keys 
used must be known in advance and stored in the 
original software program. For example, when soft- 
ware is offered for sale with additional modules, 
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upgrades and features, such embellishments may 
be useful and are sold only to certain users and not 
to others. Because all the copies of the software in 
the aforesaid approaches have the same set of 

5 values of keys for comparison with the external 
hardware key, then another key or code must be 
supplied in another hardware device when the ad- 
ditional module is separately offered for sale, even 
if that additional module which is related to the 

w basic software has been supplied in advance. Only 
such an approach could distinguish the legal users 
of additional software modules from others. The 
additional hardware device adds expense and time 
delays in ordering and shipping. Also in such a 

15 case, remote implementation, e.g., telephone or 
facsimile, is not possible. 

The mass reproduction of the software device 
which has the keys incorporated therein of neces- 
sity limits the flexibility in the choice of keys, as 

20 well as compromising the security. If a key is 
stored in the software being protected, and that key 
is broken or discovered by a copier, all the soft- 
ware copies on which that key appears has thus 
been discovered eliminating the desired security. 

25 

SUMMARY OF THE INVENTION 

Accordingly, it is an object of the present in- 
vention to provide a new and improved method for 

30 protecting computer software which permits mass 
replication of the software desired to be protected 
while providing the possibility of selling original 
options or upgrades modifying the original software 
by using the same hardware security device fur- 

35 nished with the original software package while 
preventing the unauthorized use of the copies of 
such additional options or upgrades. 

Still another object of this invention is to pro- 
vide an improved method for protecting computer 

40 software in which original options or modifications, 
such as upgrades may be authorized remotely by 
telephone, facsimile, or mail without compromising 
security or preventing the mass replication of the 
secured software. 

45 In carrying out this invention in one illustrative 

embodiment thereof, a method of protecting com- 
puter software is provided comprising the steps of 
storing a plurality of unique first keys in a plurality 
plug-in hardware devices, each device having its 

50 own unique first key, establishing a plurality of 
unique second keys, each having a predetermined 
relationship with one of each of said plurality of first 
keys, storing an algorithm for processing said 
unique key pairs in software which is desired to be 

55 protected, supplying identical copies of said soft- 
ware to be protected together with said hardware 
devices, each having one of said first keys, one 
device with each of said copies, supplying said 

2 
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second key that forms said key pair with one of 
said first keys in said hardware device, inserting 
one of said hardware devices in a communication 
port of said computer, loading said software to be 
protected containing said algorithm in said com- 
puter, loading a second unique key external to said 
software device to be protected in said computer, 
and processing said first and second keys in said 
algorithm for deriving a control key, if present, for 
permitting the continued processing of the software 
being protected, 

BRIEF DESCRIPTION OF THE DRAWING 

The invention, together with further objects, 
aspects, features and advantages thereof will be 
more clearly understood from the following descrip- 
tion taken in connection with the accompanying 
drawing which provides a combined block diagram 
and flow chart illustrating the method embodied in 
the present invention. 

DESCRIPTION OF THE PREFERRED EMBODI- 
MENTS 

In the following description, terms used are 
defined as follows: 

Primary or first key - refers to a physical 
hardware device that is initially shipped with a 
software package to be protected. 

Secondary or second key - refers to a string 
input, e.g., alpha-numeric, hexadecimal, binary, etc. 
from the end user of the software package being 
protected. The secondary key can be in label form 
(supplied and affixed to the hardware device deliv- 
ered to the end user), and may be stored on the 
computer disk in which the software is being used 
for subsequent recovery. 

Control key - refers to a calculated value that is 
the result of information stored within the primary 
first key and that of the second key. The propri- 
etary algorithm that does this calculation is con- 
tained within the software being protected. 

Algorithm - is the relationship between the pri- 
mary and secondary keys which form a unique key 
pair. 

Original program - a software program which 
may include options, modules, libraries, etc. 

Modifications - refers to all changes made to 
the original software program which are to be pro- 
tected, such as additions, upgrades, etc. 

In accordance with the present invention, a 
specific algorithm is provided to each software 
developer whose software is desired to be pro- 
tected. For a given algorithm, there is a distinct 
relationship between the primary and secondary 
keys (key pair) that produces a proper and correct 
control key. The proprietary algorithm which has 
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been furnished is contained in the software -being 
protected. In order to activate modules of software 
packages that have already been distributed by the 
developer to a user site in the field, in accordance 

5 with the present invention, it is only necessary to 
supply the end user with another secondary key 
which along with the original first or primary key 
produces another control key. The newly created 
control key will be required to operate the newly 

io activated upgrade which is defined herein as a 
modification of the original software program. 

In order to prevent unauthorized use of a new 
secondary key, the end user will be initially sup- 
plied with a unique key pair. Since the unique key 

rs pair contains a unique hardware key (primary or 
first key), a unique second key is required to 
operate the software. Thus, the same secondary 
key will not operate another primary key in a neigh- 
boring or unauthorized site. 

20 Should a modification to the protected software 

package be required, it will only be necessary to 
know the value of the primary or first key which is 
not secret. This can be determined by a simple 
utility supplied with the original software package 

25 and run by the user. The results of this utility can 
be displayed on an output device, screen or print- 
er, etc. This information is then transmitted to the 
software developer or its agent and a modification 
can be sent with a new second key. No additional 

30 hardware is required, relieving any future hardware 
cost. Since unique key pairs are used to prevent 
cross-activation between end user sites, the al- 
gorithm can be constant for any given piece of 
software. Accordingly, replication of software does 

35 not require special handling and can be carried out 
in the usual manner. 

Referring now to the drawing, illustrating the 
method embodied in the present invention, a 
unique primary or first key or code stored in a 

40 hardware device 10, such as a read-only memory 
(ROM), is plugged into a port 12 of a computer 14 
which can thereby be accessed and loaded into the 
computer by means of a software program 16 
being protected. A unique secondary or second 

45 key or code is entered via the keyboard (not 
shown) of the computer 14 or by any other conve- 
nient or suitable means which is also stored in the 
computer. The first and second keys provide a 
unique key pair which differs for each application, 

so and different key pairs are supplied to each soft- 
ware developer. An algorithm 28 in the software 
being protected utilizes both keys 10 and 18 to 
produce a desired result which in essence be- 
comes a control key 32 to yet another algorithm 

55 which allows the software to execute properly. If 
either or both of the two keys forming the unique 
key pair do not fit the algorithm as desired, a result 
which will occur which can be considered an error. 

3 



0 




EP 0 537 



Thus, the software program can be terminated 
thereby allowing only the proper combination of 
hardware key 10 and key 18, having been entered 
separately, to operate the software. 

The method of the present invention as illus- 5 
trated in the drawing comprises loading the soft- 
ware 16 to be protected with its algorithm stored 
therein in the computer represented by block 20. 
The primary or first key of the hardware device 10 
which has been plugged into a communications 10 
port 12 of the computer 14 is loaded into the 
computer represented by block 22. The second 
key 18 is then loaded into the computer from the 
computer keyboard or optionally from a hard disk 
file 25 as represented by block 26 of the drawing. 75 
Program operation 28 takes place in which the first 
10 and second 18 keys forming a unique key pair 
or set are processed in the algorithm 28 producing 
either output 30 or 32. If the output 30 is provided, 
this means that an unrecognizable operational code 20 
or an erroneous operation has taken place which is 
used to stop the processing of the program. On the 
other hand, if output 32 is provided, this indicates 
that a correct code exists, has been recognized, 
and thus will permit the continued processing of 25 
the protected software. 

The algorithm 28 which may be employed in 
the aforesaid method may be any manipulation of 
key sets which may be any combination of math- 
ematics and ciphering techniques. Although it will 30 
be appreciated that the various algorithmic com- 
binations may be infinite in number, a simple ex- 
ample of two variable keys can be illustrated as 
follows: 

35 

Kh + Kk = Kc 

where Kh is the key value stored in the plug-in 
hardware device (ROM, EE PROM, etc.), 
Kk the value entered into the computer via the 40 
keyboard, and 

Kc the control key 32 which allows the protected 
software to run. 

For the sake of the example, if the required control 
key Kc = 100, then the sum of Kh and Kk is equal 45 
to 100, so that if Kh = 1, Kk must be 99, or if Kh 
= 1000, then Kk must be -900, etc. It should also 
be obvious to the reader that additional variables 
may be included in a similar manner as the first 
two keys or in other mathematical relationships so 
which can complicate the equation, if desired, 
which produces the control key, Kc, for example: 

Kx (Kh + Kk) = Kc 

55 

where Kx is a third variable. 

For Kc = 100 and Kh = 10, if: 

Kx = 1, Kki must equal 90 and if Kx = 2, Kk 2 
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must equal 40. 

Thus, for a given value of Kh, for example a key 
value stored in a plug-in hardware device 10, it can 
be seen that there are two values of Kk for two 
different values of Kx. In a practical and useful 
sense, Kx can be the control code of a systems 
manager who allows either user, Kki = 90 or Kk2 
= 40, access to the software. 

It is particularly significant and should be noted 
that no key is stored in the software to be pro- 
tected and only the algorithm that processes the 
keys is so stored. The second key which is entered 
into the computer via the keyboard may obviously 
be stored in a file having the installation of the 
protected program and later during the execution of 
the program retrieved for the sake of convenience 
from the standpoint of eliminating repetitive reentry 
of the same sequence of numbers. 

The present invention produces a control key 
based on the processing of unique key pairs or 
sets (triples, etc.) which of necessity bear an al- 
gorithmic relationship to each other. In the pre- 
ferred embodiment, no two hardware devices con- 
tain the identical first keys. Accordingly, second 
keys are uniquely different for a given algorithm 
and control key. One advantage of using different 
key pairs over fixed pairs of keys is that if one pair 
of keys is discovered by a copier, called a hacker, 
that key pair would not apply for the next identical 
piece of software and the work must be done again 
in trying to find the proper operational sequences. 

The importance of having identical software 
cannot be minimized due to the desirability of 
replicating the software for distribution. Any change 
of program material prevents the mass reproduc- 
tion of the initial software. As soon as any change 
is made to the software, even if a simple change of 
key data is made, the software has to be 
"recompiled" into "machine language" and retest- 
ed, which are time-consuming endeavors. By elimi- 
nating the use of different keys from being re- 
corded in the software to be protected, no recom- 
pilation is necessary. In addition, another common 
problem basic to the application of software which 
is offered for sale is that modifications of the pro- 
tected software such as additions, upgrades and/or 
features which are used to further enhance existing 
software may be individually useful to certain users 
and not to others. In the past such additions and 
upgrades have been supplied to the end-user in 
one of two ways. First, the developer or distributor 
may sell the enhancement or upgrade through a 
separate diskette which may also be protected by 
yet another hardware key. Secondly, the option or 
module may already exist on the original software 
but the ability to execute it may require another 
correct key or code. In the latter method the de- 
sired module could contain all of the same char- 
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acteristics of key relationships as in the original. 

In accordance with the present invention, ar- 
rangements can be made to supply and have en- 
tered another second key which would produce a 
second control key derived from the first and newly 
supplied second keys, using the same algorithm to 
allow the new module which already exists in the 
original package to operate. This may be accom- 
plished by entering the other second key which 
could be received by telephone after verification of 
credit through the keyboard of the computer. Now 
suppose that the second key is actually recorded 
and exists in the software. Accordingly, if the key 
exists in the software this would necessitate an- 
other hardware key to be provided to activate a 
module even if that module itself was supplied in 
advance. Accordingly, the present invention elimi- 
nates the need for the additional cost of another 
piece of hardware as well as the cost of shipping 
and the associated delays provided thereby. 

For a given algorithm it has been shown that 
for every hardware key there exists a unique key- 
board entry key which produces the same control 
key. Paradoxically, many different hardware keys 
may be provided which operate the same identical 
software. This can be used to advantage as a 
control over the history of the software in the same 
manner as a serial number would be used since 
arrangements can be made to have every hardware 
key uniquely different. In the present invention the 
software may be replicated by normal mass pro- 
duction methods since no keys are actually in- 
cluded in the software, and the software contains 
only the algorithm. Accordingly, all copies of the 
software are identical to each other. 

The provision of providing unique and different 
hardware keys which require different matching 
keyboard entries allows the separate modules to be 
supplied and distributed along with the original 
program at the same time. As pointed out above, 
later activation of any one module would require a 
keyboard entry, a proper code associated with the 
particular hardware device originally supplied since 
the control code of that module would be different 
than that of the host software. Furthermore if all of 
the hardware keys are made different, one key- 
board entry could not be used to activate another 
identical software module having a different hard- 
ware device supplied with it, thereby limiting dis- 
tribution to an individual basis. 

In addition, it is known that given sufficient time 
and energy, it would be possible to emulate the 
action of the hardware device by means of a soft- 
ware program which uses such a device. The 
present invention is best utilized when no two hard- 
ware keys are alike. As previously stated, this 
prevents the same keyboard entry to operate iden- 
tical modules. Since each hardware device is 



uniquely different, even the same software requires 
its own keyed code thus preventing piracy of the 
developer's software. In addition, if an attempt is 
made to emulate the hardware device which proves 

5 successful, a completely separate emulation would 
have to be devised for the next piece of software 
which would essentially stop any mass attempts to 
break the security of the protected software in 
accordance with the present invention. 

10 In providing subsequently issued modifications 

to the original program, it is also possible to supply 
another algorithm with the upgrade which can use 
the existing first and second keys to produce a 
different control key or preferably to use a third key 

75 (new second key) which in combination with the 
first key in the hardware device produces a new 
control key when processed by the algorithm in the 
modification. 

Summarizing the use of the present invention 

20 can provide the ability using a new second key to 
remotely upgrade or add additional functionality to 
the original software while limiting the upgrade to 
those possessing the unique first hardware key, in 
effect securing all other identical software from 

25 operating identical upgrades without authorization. 
Additionally the beneficial use of an algorithm to 
produce a result which can be used in a functional 
matter as opposed to a decision-making compari- 
son mechanism enhances the security system tre- 

30 mendously. Finally, all the software can be mass 
replicated using normal production practices with- 
out sacrificing the security of execution control of 
each of the identical replicated software by means 
of unique key pairs. 

35 Since other changes and modifications varied 

to fit particular operating requirements and environ- 
ments will be apparent to those skilled in the art, 
the invention is not considered limited to the exam- 
ples chosen for purposes of illustration and in- 

40 eludes all changes and modifications which do not 
constitute a departure from the true spirit and 
scope of this invention as claimed in the following 
claims and equivalents thereto. 

45 Claims 

1. A method of protecting computer software 
from unauthorized execution using multiple 
keys, one of which is stored in a hardware 
so device to produce a control key which will 

allow the protected software to execute com- 
prising the steps of: 

storing a plurality of unique first keys in a 
plurality of hardware devices, each hardware 
55 device having its own unique first key, 

establishing a plurality of unique second 
keys, each having a predetermined relationship 
with one of each of said first keys forming a 
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plurality of unique key pairs, 

storing an algorithm for processing said 
unique key pairs in software which is desired 
to be protected, 

supplying identical copies of said software 5 
to be protected together with said hardware 
devices, each having one of said first keys, 
one device with each of said copies, 

supplying said second key that forms said 
key pair with one of said first keys in said w 
hardware device, 

inserting one of said hardware devices in 
an input/output port of said computer, 

loading said software to be protected con- 
taining said algorithm in said computer, 75 

loading a second key external to said soft- 
ware to be protected in said computer, and 

processing said first and second keys in 
said algorithm for deriving a control key, if 
present, for permitting the continued process- 20 
ing of the software being protected. 

2. The method as claimed in claim 1 wherein 
said step of loading said second key is per- 
formed using an input port of a computer. 25 

3. The method as claimed in claim 2 wherein 
said step of loading said second key entered 
through any input port is stored in a hard disk 

file in said computer for subsequent retrieval. 30 

4. The method as claimed in claim 1 including 
the steps of 

supplying at least one additional key 
loading said at least one additional key 35 
external to said software which bears a rela- 
tionship to said first key configured in said 
algorithm and processing said at least one said 
additional key with said first key in said al- 
gorithm for producing a new control key for the 40 
purpose of allowing other parts of the original 
software to be enabled. 

5. The method as claimed in Claim 1, including 

the steps of 45 

supplying a modification for said protected 
program having an additional algorithm in said 
modification, 

supplying a unique third key with said 
modification which bears a unique relationship 50 
to and forms another key pair with said unique 
first key stored in said hardware device, 

loading said unique third key in said com- 
puter and 

processing said first and third keys in said 55 
additional algorithm for deriving another control 
key for permitting processing of software modi- 
fications being protected. 
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© A method of protecting computer software is 
provided by storing a first key in a plug-in hardware 
device, storing an algorithm for processing a purality 
of keys including the first key in software to be 
protected, loading the software containing the al- 
gorithm in the computer and plugging in a hardware 
device in a communications port of the computer. A 
second key, external to the software, to be protected 
which bears a relationship to the first key by the 
algorithm is loaded into the computer where pro- 
cessing takes place of the first and second keys in 
the algorithm for deriving a control key, if present, 
for the continued processing of the software being 
protected. The step of loading the second key is 
performed using a computer keyboard, any 
input/output port, a hard disk file or any other meth- 
od of entry in the computer. Additional keys external 
to the software which bear a relationship to the first 
and second keys configured in the algorithm may be 
provided. 
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